This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Progress has released patches that correct this issue and may be downloaded at the location below:Progress Software
Progress also recommends disabling the WSISA Messenger Administration Utility after the Webspeed applications have gone into production. The following instructions have been taken from the Progress knowledge base:
For security reasons, many web administrators do not allow users to use the WSMAdmin command to access webspeed configuration information. In order to disable this, you have to uncheck the box next to 'Internal Administration Command - WSMAdmin' for each Webspeed Messenger.
If after doing the above, you find that you can still access the WSMAdmin utility from a web browser, you need to take the following steps:
1. Stop the webspeed brokers
2. Close the Progress Explorer
3. Open the ubroker.properties file in notepad (or any other editor)
Find the following entry under[Webspeed.Messengers]
Modify this line to: AllowMsngrCmds=0
4. Stop the Progress Admin Service - (Control Panel->Services)
5. Re-start the Progress Admin Service - (Control Panel->Services)
6. Connect to the Progress Admin Service from the Progress Explorer
7. Restart your web brokers
Messenger Internal Commands should now be disabled and you should not be able to access WSMAdmin from a web browser.